github/codeql-action
1
0
Fork 0
mirror of https://github.com/github/codeql-action.git synced 2025-12-27 17:50:07 +08:00
Code Issues Packages Projects Releases Wiki Activity
5,511 Commits 297 Branches 500 Tags
codeql-bundle-v2.18.0
Commit Graph

2008 Commits

Author SHA1 Message Date
github-actions[bot]
c94b9997cc Update default bundle to codeql-bundle-v2.13.4 2023-06-09 12:27:25 +00:00
github-actions[bot]
921d191150 Update supported GitHub Enterprise Server versions 2023-06-07 00:12:13 +00:00
Henry Mercer
dfc31c9995 Convert actions-util docs to JSDoc 2023-05-31 17:49:42 +01:00
Henry Mercer
019a40b91a Inline checks for producing a better error message for Dependabot PRs 2023-05-31 17:42:45 +01:00
Henry Mercer
ae005db7f8 Merge branch 'main' into henrymercer/remove-unused-env-var 2023-05-31 17:41:04 +01:00
Henry Mercer
89c4c9e65c Merge pull request #1678 from github/henrymercer/default-setup-safeguarding 
Flag up functionality that may not exist in default setup workflows
 2023-05-31 17:33:30 +01:00
Henry Mercer
bf419682de Remove unused CODESCANNING_EVENT_NAME environment variable 2023-05-31 15:37:11 +01:00
Alexander Eyers-Taylor
9d2dd7cfea Merge pull request #1698 from github/update-bundle/codeql-bundle-20230524 
Update default bundle to 2.13.3
 2023-05-31 12:29:26 +01:00
Henry Mercer
eb1c7a3887 Use getRefFromEnv() so ref is present on default setup 2023-05-30 19:39:53 +01:00
Henry Mercer
2408985f4e Only print lines of code information once 
CodeQL already prints it, so we don't need to print it again.
 2023-05-26 20:34:30 +01:00
Andrew Eisenberg
9c5706e1a2 Avoid throwing validation error on invalid URIs 
The recent update of jsonschema inadvertently caused extra validation of
`uri-reference` formatted properties. This change ensures that these
errors are converted to warnings.

Note that we cannot revert the change to jsonschema since the old
version does not handle `uniqueItems` correctly.
 2023-05-25 10:18:12 -07:00
Henry Mercer
1023a086ae Merge pull request #1694 from jsoref/fixes 
Fix running tests on forks, and handle invalid URIs when fingerprinting
 2023-05-25 15:41:27 +01:00
Josh Soref
cc5f2fb439 Gracefully handle decodeURIComponent failure 2023-05-25 09:15:55 -04:00
Josh Soref
789f65c9ee Improving handling of uploadFailedSarifResult -> [Object object] 2023-05-25 09:15:55 -04:00
Josh Soref
a5879b7b6e Tolerate forks of github/codeql-action 2023-05-25 09:14:30 -04:00
github-actions[bot]
4f41ff7fc8 Update default bundle to codeql-bundle-20230524 2023-05-24 16:01:53 +00:00
Stephan Brandauer
153cab09da jsdoc for fixInvalidNotificationsInFile 2023-05-24 12:09:28 +00:00
Stephan Brandauer
3100e1e354 move check to calling function 
DISABLE_DUPLICATE_LOCATION_FIX - this is to avoid needless crashes on
large sarif files
 2023-05-24 11:46:19 +00:00
Henry Mercer
f54f0731d1 Merge branch 'main' into henrymercer/semver-bundles 2023-05-17 14:45:33 +01:00
Henry Mercer
d439786b65 Merge branch 'main' into henrymercer/remove-redundant-flag 2023-05-16 19:21:22 +01:00
Henry Mercer
a1be09ed8a Remove redundant query help version flag 2023-05-16 18:20:13 +01:00
Henry Mercer
2bf10dc4b9 Extract semantic CLI version from URL when requesting specific tools 2023-05-16 14:47:32 +01:00
Henry Mercer
e422b64793 Use resolve extractor when finding autobuild scripts 2023-05-16 11:18:16 +01:00
Rasmus Wriedt Larsen
cf58ef4480 Update wording for CODEQL_PYTHON warning 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-05-15 12:05:03 +02:00
Rasmus Wriedt Larsen
cc641561b7 Improve python warning message 
The last dot in `=3.11.` is just slightly confusing, so added single
quotes around the environment variable assignments to make it 100% clear
 2023-05-12 09:59:20 +02:00
Rasmus Wriedt Larsen
c237da1a2f Fix linting errors 2023-05-12 09:58:30 +02:00
Rasmus Wriedt Larsen
cbc79bf64b Merge branch 'main' into rasmuswl/python-disable-dependency-installation 2023-05-12 09:55:57 +02:00
Rasmus Wriedt Larsen
b8f39fe0f5 Use features properly in setupPythonExtractor 2023-05-12 09:55:22 +02:00
Shaikhul Islam
e5fdcd4a8f Apply suggestions from code review 
Co-authored-by: Henry Mercer <henry.mercer@me.com>
 2023-05-11 09:29:25 -04:00
Rasmus Wriedt Larsen
0ccdbf8cd5 Feature flag to disable python dependency installation 2023-05-11 12:14:04 +02:00
Shaikhul Islam
c26fc558ba revert MissingPushHook checks changes 2023-05-10 20:37:56 +00:00
Shaikhul Islam
699855c048 fix linter issue 2023-05-09 15:05:36 +00:00
Shaikhul Islam
edb138ff88 remove consts MismatchedBranches and MissingPushHook 2023-05-09 14:39:49 +00:00
Andrew Eisenberg
9824588133 Fix broken regex 
`($i)` is not valid for javascript regexes.
 2023-05-05 12:02:19 -07:00
Andrew Eisenberg
11fba50273 Merge pull request #1668 from github/aeisenberg/update-sarif-schema 2023-05-05 09:14:24 -07:00
Dave Bartolomeo
33461954a5 Merge branch 'main' into update-bundle/codeql-bundle-20230428 2023-05-03 19:02:27 -04:00
Andrew Eisenberg
febbadf751 Update the sarif schema file 
The version we were using is quite old. Copied the latest from
123e95847b/Schemata/sarif-schema-2.1.0.json

I do not think the sarif spec will be changing any more without
an explicit version update, so this is fine for now.
 2023-05-02 13:46:24 -07:00
github-actions[bot]
234badad23 Update default bundle to codeql-bundle-20230428 2023-05-01 03:46:50 +00:00
Andrew Eisenberg
824d18c689 Merge remote-tracking branch 'upstream/main' into issue-1589-config-param 2023-04-28 11:34:52 -07:00
Angela P Wen
8b12d99ee5 Fix bug where run attempt was reported as run ID (#1661) 2023-04-27 18:05:34 +00:00
Angela P Wen
da583b07a7 Add workload_run_attempt to analysis upload (#1658) 
* Refactor status report upload logic

Previously we had duplicated the logic to check `GITHUB_RUN_ID`. We now call the `getWorkflowRunID()` method for the status report upload method, and move the logic for the run attempt to `getWorkflowRunAttempt()`

* Add `workflow_run_attempt` to analysis payload

* Stop allowing `undefined` run IDs and attempts

Because we already throw an error if the ID or attempt aren't numbers, we don't have to allow `undefined` values into the payload.
 2023-04-26 02:13:27 +00:00
Angela P Wen
a9648ea7c6 Throw full error for CLI bundle download (#1657) 2023-04-24 07:46:45 -07:00
Henry Mercer
b8cc643a23 Merge branch 'main' into cklin/codeql-cli-2.13.0 2023-04-20 11:23:25 +01:00
Henry Mercer
66f62df188 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-19 15:56:42 +01:00
tgrall
47cec7ab01 add test with config file and input together 2023-04-18 06:01:33 +02:00
tgrall
7b876ae4f4 remove space from json string 2023-04-18 05:46:51 +02:00
tgrall
f398a65921 fix after review from @henrymercer 2023-04-18 05:43:21 +02:00
Chuan-kai Lin
7867d03591 Update default CodeQL bundle version to 2.13.0 2023-04-14 15:28:21 -07:00
Henry Mercer
599f4927f2 Allow passing the workflow via an environment variable 2023-04-12 14:14:43 +01:00
Henry Mercer
8a093aa1a5 Merge branch 'main' into henrymercer/remove-legacy-tracing 2023-04-11 12:25:45 +01:00